package com.ckm.config.xss;

import jakarta.servlet.*;
import jakarta.servlet.http.HttpServletRequest;
import org.springframework.stereotype.Component;

import java.io.IOException;

@Component
public class XSSFilter implements Filter {
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        Filter.super.init(filterConfig);
    }

    @Override
    public void doFilter(ServletRequest servletRequest,
                         ServletResponse servletResponse,
                         FilterChain filterChain) throws IOException, ServletException {
        /*
         * 1. 重写getParameter方法
         * 2. 在getParameter中判断属性,然后对特殊字符进行编码,使用官方提供的工具类.
         * 3. 继续提交请求
         */
        filterChain.doFilter(new XSSHttpServletRequestWrapper((HttpServletRequest) servletRequest), servletResponse);
    }

    @Override
    public void destroy() {
        Filter.super.destroy();
    }
}
